allow bare IP addresses in SAN

This change adds the `-i` option to the `create-server` script to specify bare IP addresses as subjectAlternativeNames for server certificates.
tomberek · Aug 6, 2023 · ebdc2f1 · ebdc2f1
1 parent d1f3b33
commit ebdc2f1
Showing 1 changed file with 9 additions and 2 deletions.
diff --git a/create-server b/create-server
@@ -16,12 +16,13 @@ source "${BIN_DIR}/functions"
 source "${BIN_DIR}/defaults.conf"
 
 usage() {
-    echo "Usage: $0 -s SHORT_NAME -a ALT_NAME [-a ALT_NAME2]..."
+    echo "Usage: $0 -s SHORT_NAME -a ALT_NAME [-a ALT_NAME2]... [-i ALT_IP1]..."
     echo "Issues a server certificate for SHORT_NAME"
     echo
     echo "Options:"
     echo "    -s SHORT_NAME   Server hostname (commonName) for the new cert"
     echo "    -a ALT_NAME     One (or more) subjectAltNames for the new cert"
+    echo "    -i ALT_IP       One (or more) IP addresses as SANs for the new cert"
     echo
 }
 
@@ -33,7 +34,7 @@ fi
 SERVER_NAME=
 ALT_NAME=
 
-while getopts s:a:h FLAG; do
+while getopts s:a:i:h FLAG; do
     case $FLAG in
         h) echo -e -n "$SUCC " && usage && exit 0
            ;;
@@ -45,6 +46,12 @@ while getopts s:a:h FLAG; do
                ALT_NAME="${ALT_NAME}, DNS:${OPTARG}"
            fi
            ;;
+        i) if [ -z "${ALT_NAME}" ]; then
+               ALT_NAME="IP:${OPTARG}"
+           else
+               ALT_NAME="${ALT_NAME}, IP:${OPTARG}"
+           fi
+           ;;
         *) echo -e -n "$ERR " && usage && exit 2
            ;;
     esac